Email Delivery

Receive new posts as email.

Email address

Syndicate this site

RSS | Atom


About This Site
Contact Us
Privacy Policy


November 2010
Sun Mon Tues Wed Thurs Fri Sat
  1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30        

Stories by Category

Basics :: Basics
Casting :: Casting Listen In Podcasts Videocasts
Culture :: Culture Hacking
Deals :: Deals
Future :: Future
Hardware :: Hardware Adapters Appliances Chips Consumer Electronics Gaming Home Entertainment Music Photography Video Gadgets Mesh Monitoring and Testing PDAs Phones Smartphones
Industry :: Industry Conferences Financial Free Health Legal Research Vendor analysis
International :: International
Media :: Media Locally cached Streaming
Metro-Scale Networks :: Metro-Scale Networks Community Networking Municipal
Network Types :: Network Types Broadband Wireless Cellular 2.5G and 3G 4G Power Line Satellite
News :: News Mainstream Media
Politics :: Politics Regulation Sock Puppets
Schedules :: Schedules
Security :: Security 802.1X
Site Specific :: Site Specific Administrative Detail April Fool's Blogging Book review Cluelessness Guest Commentary History Humor Self-Promotion Unique Wee-Fi Who's Hot Today?
Software :: Software Open Source
Spectrum :: Spectrum 60 GHz
Standards :: Standards 802.11a 802.11ac 802.11ad 802.11e 802.11g 802.11n 802.20 Bluetooth MIMO UWB WiGig WiMAX ZigBee
Transportation and Lodging :: Transportation and Lodging Air Travel Aquatic Commuting Hotels Rails
Unclassified :: Unclassified
Vertical Markets :: Vertical Markets Academia Enterprise WLAN Switches Home Hot Spot Aggregators Hot Spot Advertising Road Warrior Roaming Libraries Location Medical Public Safety Residential Rural SOHO Small-Medium Sized Business Universities Utilities wISP
Voice :: Voice


November 2010 | October 2010 | September 2010 | August 2010 | July 2010 | June 2010 | May 2010 | April 2010 | March 2010 | February 2010 | January 2010 | December 2009 | November 2009 | October 2009 | September 2009 | August 2009 | July 2009 | June 2009 | May 2009 | April 2009 | March 2009 | February 2009 | January 2009 | December 2008 | November 2008 | October 2008 | September 2008 | August 2008 | July 2008 | June 2008 | May 2008 | April 2008 | March 2008 | February 2008 | January 2008 | December 2007 | November 2007 | October 2007 | September 2007 | August 2007 | July 2007 | June 2007 | May 2007 | April 2007 | March 2007 | February 2007 | January 2007 | December 2006 | November 2006 | October 2006 | September 2006 | August 2006 | July 2006 | June 2006 | May 2006 | April 2006 | March 2006 | February 2006 | January 2006 | December 2005 | November 2005 | October 2005 | September 2005 | August 2005 | July 2005 | June 2005 | May 2005 | April 2005 | March 2005 | February 2005 | January 2005 | December 2004 | November 2004 | October 2004 | September 2004 | August 2004 | July 2004 | June 2004 | May 2004 | April 2004 | March 2004 | February 2004 | January 2004 | December 2003 | November 2003 | October 2003 | September 2003 | August 2003 | July 2003 | June 2003 | May 2003 | April 2003 | March 2003 | February 2003 | January 2003 | December 2002 | November 2002 | October 2002 | September 2002 | August 2002 | July 2002 | June 2002 | May 2002 | April 2002 | March 2002 | February 2002 | January 2002 | December 2001 | November 2001 | October 2001 | September 2001 | August 2001 | July 2001 | June 2001 | May 2001 | April 2001 |

Recent Entries

New Outsourced WPA/WPA2 Enterprise Service Launches
Ekahau Releases Free Wi-Fi Heatmap Software
Ruckus Latest Shout-Out: Small and Medium Sized Business Gear
Peplink Leverages City-Fi, Wired Broadband with Package
802.1X for the Smaller Office
SMC Adds High-End WLAN Features at Low Price
WiTopia Releases New WPA Enterprise Service Pricing
Comparing Outsourced 802.1X for Smaller Businesses
Zyxel Adds PEAP in an Access Point

Site Philosophy

This site operates as an independent editorial operation. Advertising, sponsorships, and other non-editorial materials represent the opinions and messages of their respective origins, and not of the site operator. Part of the FM Tech advertising network.


Entire site and all contents except otherwise noted © Copyright 2001-2010 by Glenn Fleishman. Some images ©2006 Jupiterimages Corporation. All rights reserved. Please contact us for reprint rights. Linking is, of course, free and encouraged.

Powered by
Movable Type

Recently in Small-Medium Sized Business Category

November 18, 2009

New Outsourced WPA/WPA2 Enterprise Service Launches

By Glenn Fleishman

Eric Geier, a long-time tech writer and reporter, has launched NoWiresSecurity: Geier, who has been in this business of writing about Wi-Fi and wireless for longer than me, offers AuthenticateMyWiFi, a way to use 802.1X authentication for secure WPA/WPA2 Enterprise logins on a Wi-Fi network without hosting and managing the server yourself. The service is billed on a monthly rate based on the number of user accounts.

WPA/WPA2 Enterprise allow a Wi-Fi user to connect using credentials, typically a user name and password, which are passed securely over a network without first providing access to the network's resources. When a back-end authentication server confirms the user's identity, unique key material is creating that protects a user's Wi-Fi link separately from all other users on the network.

The ability to issue and revoke accounts, set policies (like: "can only log in between 8 am and 5 pm on weekdays"), and avoid giving out a shared key for all users are all why WPA/WPA2 Enterprise (or the underlying 802.1X standard in various modes) is the gold standard for secured network access. Interestingly, nearly all consumer-grade access points have the necessary support to enable this enterprise mode.

If you're running a small network, you can get access to WPA/WPA2 Enterprise by using Windows Server (various versions, prices varies) or Mac OS X Server 10.5 or later ($499 for unlimited users; Intel system required; bundled with some Macs). You could also install Periodik Labs's Elektron server ($950 with a year of maintenance).

All those solutions require a little to a lot of IT experience. Many small-to-medium-sized businesses have few IT needs beyond file sharing, but want to have a secure network. Geier's AuthenticateMyWiFi could fit this need. I've written about similar services in the past, such as the similarly named SecureMyWiFi from WiTopia, which the company has stopped offering. (WiTopia decided to focus on hosted VPN services, another category of outsourcing I recommend for small and medium businesses.)

AuthenticateMyWiFi provides the range of 802.1X options, such as access policies I described earlier (time of day, accounts that have expiration dates), security controls like IP-restricted logins, and access to usage logs. The service has you set up accounts via a Web site, and then configure one or more access points--as many as you like with the same user fees--to authenticate via its servers.

The rates start at $13/mo or $130/yr for up to 10 users, and scale up to $36/mo or $360/yr for 61 to 100 users.

The only trouble with hosted authentication is that authentication for users joining the network will fail if your Internet connection is down, the link between you and the hosted service is interrupted, or, of course, the hosted service isn't responsive. (Existing logged in sessions remain active.)

Posted by Glenn Fleishman at 9:58 AM | Permanent Link | Categories: Security, Small-Medium Sized Business | No Comments

March 24, 2009

Ekahau Releases Free Wi-Fi Heatmap Software

By Glenn Fleishman

Asset-tracking software firm Ekahau releases tool to discover, map signal strength of Wi-Fi networks: HeatMapper, a free Windows XP/Vista application, performs the neat trick of letting you walk around your office or home while it continuously scans for Wi-Fi networks. When you stop warwalking and inform the program of such, you're presented with a heatmap of every network found. This lets you survey interference and see how your network deployment "looks."

You can start with a raw grid or a digital image of your office or home floorplan. As you walk, you click at key points. The software does the rest.

home-heatmap-small.pngHover over an access point on the heatmap--routers are neatly represented by a generic icon from the manufacturer, identified by its MAC address prefix--and you see the corresponding heatmap. (The graphic is a fancy icon; it's really only a 2D mapping package.)

A list at left shows a live scan of networks and their characteristics.

When I spoke to the program's product manager a few weeks ago for this article in Ars Technica, he said that the intent was partly to provide an up-to-date scanning package to replace NetStumbler, which has been out of development for years.

Posted by Glenn Fleishman at 9:39 PM | Permanent Link | Categories: Monitoring and Testing, SOHO, Small-Medium Sized Business

May 20, 2007

Ruckus Latest Shout-Out: Small and Medium Sized Business Gear

By Glenn Fleishman

Easy configuration, low cost, no RF experience required, the company says: Ruckus Wireless, an ahead-of-the-curve wireless gear maker that, until now, has looked to bridging metro-scale networks into homes and distributing media around a house over Wi-Fi for IPTV (Internet Protocol Television) providers as its key markets is expanding into the SMB space, offering small-to-medium-sized businesses a new line of easy-to-configure, inexpensive products that can achieve enterprise-like results.

In a briefing last week, CEO Selina Lo said, "We saw that for the SMBs, there's a big need for a complete wireless LAN solution made simple -- so simple that you don't need IT operators." A problem that I've heard consistently expressed by SMBs is that with no or few full-time IT staffers, enterprise-scale WLAN technology is not just an order of magnitude too expensive, but would require too much in-house expertise to run. "There are lots of companies from 50 to 500 people -- they still need completely secure and robust and critical Wi-Fi solutions," Lo said.

Lo said that the company will have three offerings: auto-discovery access points, including their existing 802.11g ZoneFlex 2925 access point, which is ready to work with their new system, and a planned 802.11n addition in the third quarter; a controller, called ZoneDirector, that manages and directs the functions of APs, as well as handles authentication; and FlexMaster, a remote administration tool, which will ship in the fourth quarter.

The 802.11g access point lists for $259; an office-building oriented model (2942) will ship in July for $349, and sport power over Ethernet and a plenum-space fire rating. The ZoneDirector 1000 series comprises three models that manage a maximum of 6, 12, or 25 access points, and cost, respectively, $1,200, $2,000, and $3,500. They ship in July. The 802.11n access point and FlexMaster tool have not yet had their pricing set.

Lo said the company will also offer a starter pack of six 2925 access points and the entry-level six-AP ZoneDirector for $2,000, a discount of about $750 off list.

The company has also developed a simple security alternative that occupies a niche between WPA/WPA2 Personal's preshared key and the authentication server-driven WPA/WPA2 Enterprise system. They call this Dynamic PSK, and say patents are pending.

Read the rest of "Ruckus Latest Shout-Out: Small and Medium Sized Business Gear"

Posted by Glenn Fleishman at 9:01 PM | Permanent Link | Categories: Small-Medium Sized Business

September 19, 2006

Peplink Leverages City-Fi, Wired Broadband with Package

By Glenn Fleishman

Combo-Logo LPeplink offers load balancing, redundancy with combo package: The firm is coupling its Surf 200BG wireless bridge, designed to connect to metro-scale Wi-Fi networks, and the Balance 30, a load-balancing network bridge that accepts broadband from both a wired connection and the Surf 200BG. If one connection goes down, the other is available. Requests can traverse either network, preferring the less-congested one, I'd imagine.

At $600, it's a bit pricey for a home user, but I can see where SMBs (small-to-medium-sized businesses) would find it a good investment. I've wondered about how many subscribers to a city-wide network would use that Wi-Fi service as both a backup (for inevitable wireline downtime, however brief) and as a mobile alternative. I suspect that some businesses will arrange special rates with retail ISPs to equip a number of roaming employees and have a link for their office. That Wi-Fi link could even be the primary one, with some metro-scale operators offering business-grade service at 3 Mbps or higher, and a lower-speed ADSL line acting as a backup.

An important factor for a multihomed bridge like this is that even though it can virtually bond two separate networks, it can't actually split traffic at the packet level. Connection-based services, like a VPN, would be routed over one of the two broadband networks and be disrupted were that network to drop. Web requests could be shuffled--one image request over one network, another over another--but it requires the cooperation of an ISP at the routing level to allow true bonded, multihomed networks.

Posted by Glenn Fleishman at 12:49 PM | Permanent Link | Categories: Hardware, Metro-Scale Networks, Small-Medium Sized Business

April 5, 2006

802.1X for the Smaller Office

By Glenn Fleishman

I filed this story for Secure Enterprise about affordable, solid options for WPA Enterprise and 802.1X authentication for SMBs (small-to-medium-sized businesses): The article, which ran last month (sorry for the late ego link, folks), took as a prerequisite that I wanted to review products that required little to no network administrative knowledge. They should be as turnkey as possible, cost $1,000 or less for 25 seats, and offer standard PEAPv0 with MSCHAPv2 authentication to avoid requiring installing a client under Windows XP SP2.

The results were quite lovely. Several companies were invited, and of those that responded and met the criteria, I found four good solutions each for particular niches. Two outsourced 802.1X vendors, and Boxedwireless, offer good, solid, and simple options that work reliably. Pricing is cheaper at WiTopia, but Boxedwireless offers EAP-TLS (authentication via individual certificates), which is otherwise expensive and tricky to set up even for a large business. The two hosted server solutions were also just dandy. Elektron is flexible, not overwhelming to learn, and relatively inexpensive. Radiator has more options than you can shake a stick out and isn't for the faint of heart, but it's incredibly powerful. It's too sophisticated for most SMBs, but it also can handle the most obscure and particular aspects of Wi-Fi authentication coupled with RADIUS and AAA granularity.

Note that LucidLink went out of business before our invitation letters went out, and that McAfee declined to participate because it hadn't retooled an offering for the SMB market yet. Funk and Meetinghouse were too expensive, but that per-seat expenses decreases for somewhat larger operations (say 100 to 200 users), and they offer extensive support options not provided by any of the firms featured in this article.

Posted by Glenn Fleishman at 12:55 PM | Permanent Link | Categories: 802.1X, Security, Small-Medium Sized Business

March 29, 2006

SMC Adds High-End WLAN Features at Low Price

By Glenn Fleishman

The EliteConnect series of access points have premium features for $300 to $350: SMC has adopted a number of typically enterprise-only offerings in its new mid-range priced devices. This includes the incredibly useful virtual SSID option, which allows multiple virtual networks to appear available with a single access point controlling access. Couple that with individual security settings for each virtual SSID and a VLAN--a separately partitioned logical data channel that keeps traffic private within the device and over an Ethernet network--and a small business could have top-level security for its own network and open access for guests.

The routers also include QoS (quality of service) prioritization, SNMPv3 reporting, and WPA2. A b/g router is $300 list and a/b/g just $350. The devices also support 802.3af for Power over Ethernet (PoE). They can be configured via a command-line interface, a Web browser, or a management tool from SMC. The units ship in April.

Prior to this product line, I've only seen some of these features in the Gateway Computers 7000 series of APs, which were announced and buried, though still sold.

Posted by Glenn Fleishman at 11:04 AM | Permanent Link | Categories: Hardware, Small-Medium Sized Business | 1 Comment

March 7, 2006

WiTopia Releases New WPA Enterprise Service Pricing

By Glenn Fleishman

Securemywifi060306WiTopia has somewhat quietly offered SecureMyWiFi for many months: Today, they announced a new pricing setup designed for larger offices. The service provides outsourced robust WPA Enterprise authentication in which each Wi-Fi user has a unique login name and password, and whose networking software receives unique encryption information on a successful login.

WiTopia now prices this service both for small office/home office users and larger firms. Home/SOHO users pay $20 for setup, and $9.99 per year for up to five users and one access point. Additional APs are $9.99 per year up to three, at which point you graduate to the Business Edition.

Larger business pay a one-time $99 setup fee, and $99 per year for up to 100 users a single access point. Each additional AP adds $14.99 per year, with custom prices quoted for networks of greater than 10 APs or 100 users.

I've evaluated SecureMyWiFi several times, most recently for Network Computing's March issue (availale online any day now). It works quite well, and the company is very responsive for special requests and tech support. Their only real competitor is BoxedWireless, which charges per user but includes unlimited APs. BoxedWireless also offers individual digital certificates for each client, which may be useful for smaller firms that need an even higher level of security than a username/password for network access. BoxedWireless also performs admirably, but is more expensive for larger numbers of users.

Posted by Glenn Fleishman at 2:06 PM | Permanent Link | Categories: Security, Small-Medium Sized Business

September 27, 2005

Comparing Outsourced 802.1X for Smaller Businesses

By Glenn Fleishman

In this Mobile Pipeline article, I compare three affordable outsourced 802.1X/WPA Enterprise providers: WiTopia's SecureMyFi,, and WSC Guard (now part of McAfee) each have their strengths. WSC Guard is incredibly simple to use and administer, but it's a Windows-only offering. SecureMyWiFi and BoxedWireless offer flexibility by providing full 802.1X support for PEAP (both), EAP-TTLS (SecureMyWiFi) and EAP-TLS with certificate management (BoxedWireless).

Smaller businesses that lack per-user Wi-Fi logins should consider adopting one of these outsourced services if they'd rather not run the server themselves. I wrote some months ago about in-house 802.1X offerings, but even the simpler ones may be too geeky for businesses with zero IT staff.

Posted by Glenn Fleishman at 3:44 PM | Permanent Link | Categories: 802.1X, Security, Small-Medium Sized Business | 2 Comments

June 15, 2005

Zyxel Adds PEAP in an Access Point

By Glenn Fleishman

Zyxel has released an AP with built-in 802.1X with PEAP: This all-in-one unit allows you to run a small office with WPA-Enterprise security using PEAP for up to 32 users. It's $179.

In a press release, Zyxel claimed it was the first to offer PEAP-in-a-box. That accolade should go, however, to computer-maker Gateway which offered such a device last July (my review). Its Gateway 7001 series (802.11g for $299, a+g for $399) features built-in PEAP and built-in VLAN segregation. It has two Ethernet ports which allow physical network segregation as well as virtual. Gateway never capitalized on this advantage, and the product now seems overpriced. [link via Tom's Networking]

Posted by Glenn Fleishman at 9:02 AM | Permanent Link | Categories: 802.1X, Security, Small-Medium Sized Business

« Rural | Main Index | Archives | SOHO »